[openssl-dev] ALPN RFC compliance
Shigeki Ohtsu
ohtsu at iij.ad.jp
Fri May 29 02:42:25 UTC 2015
I submitted a patch to support no_application_protocol alert on ALPN
about a year ago.
http://rt.openssl.org/Ticket/Display.html?id=3463
But no one replied me yet.
On 2015/05/29 8:20, Scott Mitchell wrote:
> The ALPN RFC [1] states:
>
> In the event that the server supports no protocols that the client
> advertises, then the server SHALL respond with a fatal
> "no_application_protocol" alert. [2]
>
> This functionality is not yet implemented in OpenSSL. Now that HTTP/2
> has be published as a RFC [3], and due to HTTP/2's dependency on ALPN,
> it may be good to revisit the issue. The NPN specification is less
> specific about what to do in the event of no matching protocols, but
> the OpenSSL implementation also does not support failing the
> handshake. NPN may be a lower priority than ALPN but it would be nice
> to support consistent (as possible) behavior for the two extensions.
>
> This issue was originally raised on github [4].
>
> [1] https://tools.ietf.org/html/rfc7301
> [2] https://tools.ietf.org/html/rfc7301#section-3.2
> [3] https://tools.ietf.org/html/rfc7540
> [4] https://github.com/openssl/openssl/issues/188
>
>
> _______________________________________________
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
More information about the openssl-dev
mailing list